Skip to content

CVE Binary Tool 3.3rc2 pre-release

Pre-release
Pre-release
Compare
Choose a tag to compare
@terriko terriko released this 23 Jan 00:08
· 746 commits to main since this release
v3.3rc2
c491590
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

This pre-release improved the version compare function so it can handle certain distro versions and other special version cases more smoothly. Note that it does not have any special handling for hashes because they appear infrequently in the NVD data, but you may have some unpredictable results if you have hashes listed in an SBOM or local version.

auto-generated notes follow:

What's Changed

  • chore: update SBOM for Python 3.9 by @github-actions in #3623
  • chore: update SBOM for Python 3.8 by @github-actions in #3622
  • chore: update SBOM for Python 3.10 by @github-actions in #3621
  • chore: update SBOM for Python 3.11 by @github-actions in #3620
  • feat(checker): add protobuf-c checker by @ffontaine in #3596
  • feat: disable metrics by default by @ffontaine in #3618
  • feat(checker): add socat checker by @ffontaine in #3597
  • fix: improve lua checker by @ffontaine in #3598
  • feat(checker): add tar checker by @ffontaine in #3600
  • feat(checker): add libvpx checker by @ffontaine in #3602
  • fix: drop wrong gnutls VENDOR_PRODUCT by @ffontaine in #3604
  • fix: update squashfs VENDOR_PRODUCT by @ffontaine in #3605
  • fix: update tor VENDOR_PRODUCT by @ffontaine in #3606
  • fix: update gawk pattern by @ffontaine in #3607
  • feat(checker): add lrzip checker by @ffontaine in #3608
  • fix: update glibc pattern by @ffontaine in #3611
  • fix: update zsh pattern by @ffontaine in #3613
  • fix: improve gdb pattern by @ffontaine in #3614
  • chore: bump version for 3.3 release by @terriko in #3630
  • fix: update coreutils pattern by @ffontaine in #3616
  • fix: update binutils pattern by @ffontaine in #3615
  • fix: update bison pattern by @ffontaine in #3617
  • feat(checker): add mbedtls checker by @ffontaine in #3619
  • feat(checker): add php checker by @ffontaine in #3627
  • fix: drop gpgme CPE ID without CVEs by @ffontaine in #3632
  • fix: drop rsync CPE ID without CVEs by @ffontaine in #3634
  • fix: drop netatalk CPE ID without CVEs by @ffontaine in #3635
  • feat(checker): add jq checker by @ffontaine in #3636
  • feat(checker): add libheif checker by @ffontaine in #3641
  • chore: update checkers table by @github-actions in #3624
  • docs: Updated examples in sbom_generation.md by @Mayankrai449 in #3640
  • feat(checker): add heimdal checker by @ffontaine in #3643
  • feat(checker): add libde265 checker by @ffontaine in #3645
  • ci: fix sbom test skipping logic by @terriko in #3631
  • chore: update checkers table by @github-actions in #3647
  • docs: add cmd for installing the cve-tool in virtualenv by @ayushthe1 in #3649
  • fix: update detailed description by @ffontaine in #3650
  • feat: Enable metrics if epss-{percentile,probability} is set by @ffontaine in #3642
  • chore: update SBOM for Python 3.8 by @github-actions in #3669
  • chore: update SBOM for Python 3.11 by @github-actions in #3668
  • chore: update SBOM for Python 3.9 by @github-actions in #3667
  • chore: update SBOM for Python 3.10 by @github-actions in #3666
  • test: temporarily disable failing tests by @terriko in #3655
  • fix: temporary disabling due to #3674 by @terriko in #3676
  • test: added test for OutputEngine with metrics=False by @mastersans in #3672
  • fix: Deprecate NVD API 1.0 by @akshatgokul in #3671
  • docs: add PHP launguage specification to docs by @Mahhheshh in #3665
  • feat: Fuzz Testing RParser by @crazytrain328 in #3664
  • docs: Clarifying use of --metrics and epss options by @Mayankrai449 in #3663
  • chore: update spdx header by @github-actions in #3679
  • chore: update js dependencies by @github-actions in #3680
  • docs: Add appropriate docstring to output_engine/print_mode.py (#3457) by @aptitudepi in #3677
  • chore: update pre-commit config by @github-actions in #3678
  • docs(README.md): updated options list in README.md by @DEVESH-N2 in #3662
  • ci: add interrogate to github actions & exclude some directories by @ayushthe1 in #3612
  • feat(checker): add iwd checker by @ffontaine in #3660
  • chore: add template for docstrings issues by @terriko in #3685
  • chore: update SBOM for Python 3.9 by @github-actions in #3691
  • chore: update SBOM for Python 3.8 by @github-actions in #3690
  • chore: update SBOM for Python 3.10 by @github-actions in #3689
  • chore: update SBOM for Python 3.11 by @github-actions in #3688
  • chore: update checkers table by @github-actions in #3686
  • fix: add additional CPE IDs to faad2 by @ffontaine in #3699
  • chore(deps): bump actions/dependency-review-action from 3.1.4 to 3.1.5 by @dependabot in #3695
  • feat(checker): add netdata checker by @ffontaine in #3648
  • chore: fix broken docstrings issue template by @terriko in #3702
  • feat(checker): add micropython checker by @ffontaine in #3704
  • chore: update SBOM for Python 3.8 by @github-actions in #3709
  • chore: update SBOM for Python 3.9 by @github-actions in #3708
  • chore: update SBOM for Python 3.11 by @github-actions in #3707
  • chore: update SBOM for Python 3.10 by @github-actions in #3706
  • chore: update checkers table by @github-actions in #3703
  • feat: test handling of ~= in requirements.txt and add it to docs by @ayushthe1 in #3610
  • ci: improve interrogate/pre-commit config by @terriko in #3714
  • fix: [Snyk] Security upgrade pillow from 9.5.0 to 10.0.1 by @terriko in #3601
  • test: re-enable failing tests from #3653 by @terriko in #3720
  • fix: fail gracefully for npm .package-lock.json files by @terriko in #3654
  • chore: update SBOM for Python 3.9 by @github-actions in #3732
  • chore: update SBOM for Python 3.8 by @github-actions in #3731
  • chore: update SBOM for Python 3.11 by @github-actions in #3730
  • chore: update SBOM for Python 3.10 by @github-actions in #3729
  • chore(deps): bump actions/cache from 3.3.2 to 4.0.0 by @dependabot in #3739
  • feat(checker): add go checker by @ffontaine in #3651
  • docs: add docstrings to cve-bin-tool/util by @Mahhheshh in #3715
  • chore(deps): bump github/codeql-action from 2.22.9 to 3.23.0 by @dependabot in #3705
  • docs: added docstring to swid_parser.py by @Mahhheshh in #3716
  • feat: Fuzz testing PerlParser by @crazytrain328 in #3725
  • chore: update checkers table by @github-actions in #3740
  • fix: improve robustness of version compare by @terriko in #3694
  • chore: update SBOM for Python 3.8 by @github-actions in #3749
  • chore: update SBOM for Python 3.9 by @github-actions in #3748
  • chore: update SBOM for Python 3.10 by @github-actions in #3747
  • chore: update SBOM for Python 3.11 by @github-actions in #3746
  • chore: set version to 3.3rc2 for pre-release by @terriko in #3750

New Contributors

Full Changelog: v3.3rc1...v3.3rc2

Contributors

terriko, ffontaine, and 9 other contributors
Assets 2
Loading